You could add a condition on the permissions on "CreateVpcEndpoint" endpoint where the ServiceName does not contain "com.amazonaws.vpce", which would block creating endpoints for customer-created endpoint services.
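The condition described in the answer above, written out as an IAM policy. This is an added example, not part of the original answer. It assumes the `ec2:VpceServiceName` condition key and that customer-created endpoint service names begin with `com.amazonaws.vpce.`; the `Sid` values are made up, and the second statement goes beyond the answer by adding an explicit Deny so that a broader Allow elsewhere cannot bypass the restriction.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleAllowEndpointsExceptCustomerServices",
      "Effect": "Allow",
      "Action": "ec2:CreateVpcEndpoint",
      "Resource": "*",
      "Condition": {
        "StringNotLike": {
          "ec2:VpceServiceName": "com.amazonaws.vpce.*"
        }
      }
    },
    {
      "Sid": "ExampleDenyEndpointsToCustomerServices",
      "Effect": "Deny",
      "Action": "ec2:CreateVpcEndpoint",
      "Resource": "arn:aws:ec2:*:*:vpc-endpoint/*",
      "Condition": {
        "StringLike": {
          "ec2:VpceServiceName": "com.amazonaws.vpce.*"
        }
      }
    }
  ]
}
```

The Allow statement uses `"Resource": "*"` because `CreateVpcEndpoint` is also authorized against the VPC, subnet, security group and route table; `StringNotLike` evaluates to true on those resources, where the service-name key is absent.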